News
Malicious Compliance-Themed Emails Use Word/PDF Attachments For Data Theft
1+ hour, 18+ min ago (301+ words) Disguised as Word or PDF files, these attachments deliver fileless malware that steals credentials and sets up persistent remote access. The campaign begins with emails asking recipients to "confirm the company's legal English name." Despite the double extension mimicking a…
HoneyMyte Adds New Tools To Boost CoolClient Malware
1+ hour, 25+ min ago (305+ words) The APT group HoneyMyte, also known as Mustang Panda or Bronze President, has ramped up its espionage in Asia and Europe. Southeast Asia faces the most hits, especially government targets. This group deploys advanced tools like ToneShell rootkit, PlugX, Qreverse,…
Hikvision Wireless Access Point Flaws Enable Remote Command Execution Attacks
3+ hour, 5+ min ago (245+ words) The company released an advisory on January 30, 2026, detailing the security flaw and urging customers to apply patches immediately. Attackers with valid credentials can exploit this flaw by sending specially crafted packets containing malicious commands to compromised devices, thereby bypassing security…
Critical KiloView Vulnerabilities Allow Attackers to Gain Full Administrative Control
4+ hour ago (242+ words) Issued under alert code ICSA-26-029-01 on January 29, 2026, the flaw carries a severe CVSS v3 score of 9.8, indicating extreme risk to affected infrastructure. This authentication bypass represents a fundamental security failure that remote, unauthenticated actors can trigger from across the network without…
Anatsa Banking Trojan Found In Google Play App Downloaded Over 50,000 Times
4+ hour, 12+ min ago (381+ words) A dangerous app on the Google Play Store. Posing as a simple document reader named "StellarGrid," the app has racked up over 50,000 downloads. In reality, it acts as a dropper for the notorious Anatsa banking trojan, putting thousands of Android…
Notepad++ Supply Chain Hack Exposed, Researchers Publish IoCs and Custom Malware Analysis
5+ hour, 57+ min ago (141+ words) Researchers have uncovered a sophisticated supply chain attack targeting Notepad++ users, revealing a meticulously orchestrated espionage campaign attributed to Lotus Blossom, a Chinese APT group active since 2009. The attack originated from IP address 95.179.213.0, where execution of notepad++.exe and GUP....
Poland’s Renewable Energy Sector Faces Widespread Cyber Intrusions
1+ day, 2+ hour ago (483+ words) Poland endured a wave of coordinated cyber attacks that struck at the heart of its energy infrastructure. These assaults aimed purely at destruction, akin to digital arson, hitting during brutal low temperatures and snowstorms just before New Year's. While they…
Critical 1-Click Clawdbot Vulnerability Allows Malicious RCE Exploitation
1+ day, 4+ hour ago (371+ words) A high-severity authentication bypass vulnerability has been discovered in ClawDBot, a popular npm package, enabling attackers to achieve remote code execution through a single malicious link. The flaw stems from insufficient validation of the gateway URL parameter, combined with automatic…
175K Exposed Ollama Hosts Allow Remote Code Execution
3+ day, 23+ hour ago (468+ words) A massive global network of 175,000 publicly exposed Ollama AI servers, posing significant remote code execution risks across 130 countries. An unmanaged layer of AI compute infrastructure operating without the security guardrails and monitoring systems that major platform providers implement by default....
NVIDIA GPU Display Driver Vulnerability Enables Code Execution and Privilege Escalation
4+ day, 51+ min ago (417+ words) NVIDIA has released critical security updates addressing multiple high-severity vulnerabilities in its GPU Display Driver software, vGPU platform, and HD Audio drivers. The bulletin, updated January 27, 2026, details five distinct CVEs affecting millions of systems worldwide, with attack vectors spanning local…